--On Wednesday, April 11, 2007 3:06 PM -0400 Thierry Moreau <[EMAIL PROTECTED]> wrote:
Dear LDAP experts: From my interest in applied cryptography, I was surprised to see how limited are the (open)LDAP directory entry encryption options. From a security audit perspective, plain text passwords in the LDAP DSA implementation appears worrysome.
I'm curious why you think only plain text passwords get stored in OpenLDAP. Have you actually read the documentation? Most people use hashes.
--Quanah -- Quanah Gibson-Mount Senior Systems Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html --- You are currently subscribed to ldap@umich.edu as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
